You are here

Honeywell ControlEdge PLC and RTU (ICSA-20-175-02) – Products Used in the Water and Wastewater and Energy Sectors

Honeywell ControlEdge PLC and RTU (ICSA-20-175-02) – Products Used in the Water and Wastewater and Energy Sectors

Created: Tuesday, June 23, 2020 - 14:18
Categories:
Cybersecurity

CISA has published an advisory on a cleartext transmission of sensitive information vulnerability in Honeywell ControlEdge PLC and RTU. ControlEdge PLC R130.2, R140, R150, and R151 and ControlEdge RTU R101, R110, R140, R150, and R151 are affected. Successful exploitation of these vulnerabilities could allow an attacker to obtain passwords and session tokens. Honeywell provided detailed information for mitigation on the insecure communication in Control Edge PLC\RTU, available in a support document. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.